US9565197B1ActiveUtility

Secure verification of website claims

78
Assignee: INTUIT INCPriority: Nov 21, 2013Filed: Jul 28, 2015Granted: Feb 7, 2017
Est. expiryNov 21, 2033(~7.4 yrs left)· nominal 20-yr term from priority
G06F 21/64H04L 63/12H04L 63/126H04L 63/1483H04L 67/02H04L 63/0823H04L 9/321H04L 9/3263
78
PatentIndex Score
2
Cited by
5
References
20
Claims

Abstract

The disclosed embodiments provide a system that facilitates use of a website. During operation, the system enrolls a claim containing an assertion of a characteristic of the website with a central authority. To enroll the claim, the system obtains the claim from an issuer of the claim and includes a first secure attribute with the claim, wherein the first secure attribute is signed with a first private key of the central authority. Next, the system enables verification of the claim using the first secure attribute and a first public key of the central authority.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A computer-implemented method for facilitating secure use of a website, comprising:
 verifying, by a verification mechanism in a browser used to access the website, a claim comprising an assertion of a characteristic of the website by verifying a secure attribute generated by a central authority and provided to the website by an issuer of the claim with a public key of the central authority; 
 identifying a verification status of the claim as verified or unverified; and 
 modifying a User Interface (UI) of the website based on the verification status of the claim. 
 
     
     
       2. The computer-implemented method of  claim 1 , wherein modifying the UI of the website involves:
 highlighting, within the UI, claims that are verified; and 
 dimming, within the UI, claims that are unverified. 
 
     
     
       3. The computer-implemented method of  claim 1 , wherein modifying the UI of the website involves configuring the UI to issue a warning if a user selects a claim that is unverified. 
     
     
       4. The computer-implemented method of  claim 1 , wherein modifying the UI of the website involves configuring the UI to require a confirmation from a user if the user selects a claim that is unverified. 
     
     
       5. The computer-implemented method of  claim 1 , wherein modifying the UI of the website involves configuring the UI to not allow the user to select a claim that is unverified. 
     
     
       6. The computer-implemented method of  claim 1 , wherein selection of a claim that is unverified initiates a re-verification of the claim. 
     
     
       7. The computer-implemented method of  claim 1 , wherein the claim has an expiration time, and wherein the claim will revert to a verification status of unverified if the claim has not been re-verified by the expiration time. 
     
     
       8. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating secure use of a website, the method comprising:
 verifying, by a verification mechanism in a browser used to access the website, a claim comprising an assertion of a characteristic of the website by verifying a secure attribute generated by a central authority and provided to the website by an issuer of the claim with a public key of the central authority; 
 identifying a verification status of the claim as verified or unverified; and 
 modifying a User Interface (UI) of the website based on the verification status of the claim. 
 
     
     
       9. The non-transitory computer-readable storage medium of  claim 8 , wherein modifying the UI of the website involves:
 highlighting, within the UI, claims that are verified; and 
 dimming, within the UI, claims that are unverified. 
 
     
     
       10. The non-transitory computer-readable storage medium of  claim 8 , wherein modifying the UI of the website involves configuring the UI to issue a warning if a user selects a claim that is unverified. 
     
     
       11. The non-transitory computer-readable storage medium of  claim 8 , wherein modifying the UI of the website involves configuring the UI to require a confirmation from a user if the user selects a claim that is unverified. 
     
     
       12. The non-transitory computer-readable storage medium of  claim 8 , wherein modifying the UI of the website involves configuring the UI to not allow the user to select a claim that is unverified. 
     
     
       13. The non-transitory computer-readable storage medium of  claim 8 , wherein selection of a claim that is unverified initiates a re-verification of the claim. 
     
     
       14. The non-transitory computer-readable storage medium of  claim 8 , wherein the claim has an expiration time, and wherein the claim will revert to a verification status of unverified if the claim has not been re-verified by the expiration time. 
     
     
       15. A system for facilitating secure use of a website, comprising:
 a memory; 
 a processor; 
 a non-transitory computer-readable storage medium storing instructions that when executed by the processor cause the system to perform a method for facilitating secure use of a website, the method comprising:
 verifying, by a verification mechanism in a browser used to access the website, a claim comprising an assertion of a characteristic of the website verifying a secure attribute generated by a central authority and provided to the website by an issuer of the claim with a public key of the central authority; 
 identifying a verification status of the claim as verified or unverified; and 
 modifying a User Interface (UI) of the website based on the verification status of the claim. 
 
 
     
     
       16. The system of  claim 15 , wherein modifying the UI of the website involves:
 highlighting, within the UI, claims that are verified; and 
 dimming, within the UI, claims that are unverified. 
 
     
     
       17. The system of  claim 15 , wherein modifying the UI of the website involves configuring the UI to issue a warning if a user selects a claim that is unverified. 
     
     
       18. The system of  claim 15 , wherein modifying the UI of the website involves configuring the UI to require a confirmation from a user if the user selects a claim that is unverified. 
     
     
       19. The system of  claim 15 , wherein modifying the UI of the website involves configuring the UI to not allow the user to select a claim that is unverified. 
     
     
       20. The system of  claim 15 , wherein selection of a claim that is unverified initiates a re-verification of the claim.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.